Advanced search
Publication Cover
International Journal of Computer Mathematics: Computer Systems Theory Volume 5, 2020 - Issue 4
Submit an article Journal homepage
70
Views
8
CrossRef citations to date
0
Altmetric
Articles

An adaptive attack on 2-SIDH

Samuel Dobsona Department of Mathematics, University of Auckland, Auckland, New ZealandORCID Iconhttps://orcid.org/0000-0003-0775-4019View further author information
ORCID Icon,
Steven D. Galbraitha Department of Mathematics, University of Auckland, Auckland, New ZealandORCID Iconhttps://orcid.org/0000-0001-7114-8377View further author information
ORCID Icon,
Jason LeGrowb Department of Combinatorics and Optimization, University of Waterloo, Waterloo, CanadaView further author information
,
Yan Bo Tia Department of Mathematics, University of Auckland, Auckland, New ZealandCorrespondence[email protected]
View further author information
&
Lukas Zoberniga Department of Mathematics, University of Auckland, Auckland, New ZealandORCID Iconhttps://orcid.org/0000-0002-8064-8514View further author information
ORCID Icon
Pages 282-299 | Received 04 Jun 2020, Accepted 01 Sep 2020, Published online: 24 Sep 2020
 
Sample our Computer Science journals, sign in here to start your access, latest two full volumes FREE to you for 14 days

Abstract

We present a polynomial-time adaptive attack on the 2-SIDH protocol. The 2-SIDH protocol is a special instance of the countermeasure proposed by Azarderakhsh, Jao and Leonardi to perform isogeny-based key exchange with static keys in the presence of an adaptive attack. This countermeasure has also been recently explicitly proposed by Kayacan. Our attack extends the adaptive attack by Galbraith, Petit, Shani and Ti (GPST) to recover a static secret key using malformed points. The extension of GPST is non-trivial and requires learning additional information. In particular, the attack needs to recover intermediate elliptic curves in the isogeny path, and points on them. We also discuss how to extend the attack to k-SIDH when k>2 and explain that the attack complexity is exponential in k.

View correction statement:
Correction

Disclosure statement

No potential conflict of interest was reported by the author(s).

Additional information

Funding

This work was supported by Royal Society of New Zealand Marsden project [16-UOA-144], NSERC Michael Smith Foreign Study Supplement [533577-2018] and Ministry of Business, Innovation & Employment Catalyst project [UOAX1933].

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.